struct privcmd_buf_vma_private has a zero-sized array at the end
(pages), use the new struct_size() helper to determine the proper
allocation size and avoid potential type mistakes.
Signed-off-by: Andrea Righi <[email protected]>
---
drivers/xen/privcmd-buf.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/drivers/xen/privcmd-buf.c b/drivers/xen/privcmd-buf.c
index de01a6d0059d..a1c61e351d3f 100644
--- a/drivers/xen/privcmd-buf.c
+++ b/drivers/xen/privcmd-buf.c
@@ -140,8 +140,7 @@ static int privcmd_buf_mmap(struct file *file, struct vm_area_struct *vma)
if (!(vma->vm_flags & VM_SHARED))
return -EINVAL;
- vma_priv = kzalloc(sizeof(*vma_priv) + count * sizeof(void *),
- GFP_KERNEL);
+ vma_priv = kzalloc(struct_size(vma_priv, pages, count), GFP_KERNEL);
if (!vma_priv)
return -ENOMEM;
--
2.19.1
On 03/04/2019 07:26, Andrea Righi wrote:
> struct privcmd_buf_vma_private has a zero-sized array at the end
> (pages), use the new struct_size() helper to determine the proper
> allocation size and avoid potential type mistakes.
>
> Signed-off-by: Andrea Righi <[email protected]>
Reviewed-by: Juergen Gross <[email protected]>
Juergen
On 03/04/2019 07:26, Andrea Righi wrote:
> struct privcmd_buf_vma_private has a zero-sized array at the end
> (pages), use the new struct_size() helper to determine the proper
> allocation size and avoid potential type mistakes.
>
> Signed-off-by: Andrea Righi <[email protected]>
Pushed to xen/tip.git for-linus-5.1b
Juergen